1. Field of the Invention
The present invention relates generally to encoding methods and more particularly to methods for achieving secure communications in electronic commerce transactions.
2. Description of the Related Art
Secure communication is vital for the commercial success of electronic commerce transactions. Modern Internet commerce is predicated on the assumption that sensitive financial and personal information can be encrypted to prevent unauthorized disclosure over the common network. Typically, this is done using a standard of encryption known as “HTTPS” or Hyper Text Transfer Protocol Secure. The HTTPS protocol is selected to run on the company web server as a measure to insure that communication with a user or web browser is secured through encryption of information sent over the channel. This standard communicates information that is encrypted and decrypted at both a sender and receiver using assigned keys between both the sender and receiver. The administration of these keys is typically done through a central depository company such as that provided by RSA Security to manage the distribution of security channel keys.
It is well known that prime numbers are used as keys in electronic communications in various encryption standards. Two prime numbers multiplied together create a composite number of which only two factors are the two prime numbers. Both prime numbers can then become keys of an encrypted message in methods such as the RSA algorithm. Encryption length key standards today are 1024 bits, but it is expected that this encryption size will increase as memory and processor speeds increase to produce larger length keys. Security of the transaction, however, is predicated on the assumption that the channel of communication is secure.
In the event of a compromise of the secure HTTPS channel, little protection is available to the end user, as in a web transaction with a company, to securely exchange information with the company. Without the security of the communications channel, sending financial information such as credit card information can result in the unintended disclosure of the information to others.
Previous solutions used rely on the use of a single standards based communications method. In such solutions, when a solution to the encoding algorithm becomes publicly known, the electronic communications session can become vulnerable to attack or fraud. Another popular solution technique is to increase key size whenever the algorithm for a key code is uncovered.
Some U.S. Patents disclosing prior cryptography techniques are:
PATENTPATENTEE3,962,539Ehrsam et al.4,200,770Hellman et al.4,218,582Hellman et al.4,405,829Rivest et al.4,748,668Shamir et al.4,850,017Matyas et al.5,140,634Guillou et al.5,214,703Lai et al.5,231,668Kravitz5,315,658Micali